
Am I my brother's sister-in-law's computer's keeper?

The other night, as apparent recompense for my room and board while on vacation, I found out my hostess had volunteered my host and myself to go over and try to "fix" her sister's computer.
Darcy (as I'll call her -- name changed to protect the computer-impaired) has a rather nice system. Pentium 4 running at 2.53GHz, 384MB RAM, Windows XP home. But it was slower than death, and had huge popup issues. We got right to work.

I had her sign on to her AOL dialup account first. (No remarks, please -- it's just about her speed. She's very intelligent and talented, just not when it comes to this stuff.) Then I fired up her browser and went to work.

First thing I saw was three different toolbars on her Internet Explorer. Then the popups started. And wouldn't stop.

I downloaded Yahoo!'s toolbar first while rooting through the "add/remove" window and clearing out what I could. One of them -- I think it was Gator -- wouldn't even let me uninstall without taking a brief survey, the bastards. (I filled it out with as much damaging info as I could -- too intrusive, ads were not relevant, etc. etc. -- but got very profane and insulting when it asked "what could we have done to keep you from uninstalling this?") I also put on the latest version of Lavasoft's Ad-Aware.

When done (and about 3 dozen popups closed out, and two restarts from the connection overloading and crashing IE), Ad-Aware detected (sit down for this, people) over 80 separate pieces of spyware (including two dialers and one keystroke-capturer), with almost 1700 different pieces and components. I had to stop and restart Ad-Aware every 200 pieces to keep it from freezing up (presumably in horror).

Darcy, trying to find the best of a bad situation, was inordinately proud of the sheer number of pieces -- the most I'd ever heard of, let alone seen. (In her defense, she does have four kids, including twin 12-year-old girls.)

I grasped for a way to convey just how horribly bad that was, until I found just the right metaphor. "Darcy, what you're bragging about is the equivalent of going on the Jerry Springer show and boasting about having the most possible fathers for your illegitimate child."

That finally got it through.

Next time I do that, though, I'm putting on rubber gloves. I felt dirty just touching the keyboard.

J.



Comments (30)


Dude,
80 is not bad, that is about the avg. I find on most systems now. My dad's system alone had 350 plus and it took me 4 hours and 5 resets to get it all. Be glad the count was so low. I have never seen anything as bad for computers as this spyware, adware, popup bull [email protected]#$. It makes life hell for the average user.

Derek

Rodney Dill:

I bought Spysweeper for my home computer and it works pretty good. I did get 'look2me' on my work laptop once and it was extremely difficult to remove. I finally found a utility that did the trick.

-S-:

(1.) Get SPYBOT SEARCH & DESTROY (it's free) and install it, keep it running, and,

(2.) Get SPYWARE BLASTER (it's also free) and keep that running, and,

(3.) Get Norton Internet Security Professional and keep that running and...

anyone/everyone should be ad and popup and trojan and most everything else free.


The first two block almost everything imaginable from even being installed on your harddrive and combined with the third, all attempts to access unused ports or connect via a trojan/spyware program not possible, and easy to identify what is on your system and how to safely and effectively remove it.

I also suggest weekly or at least frequent online security and antiviral scans by both TrendMicro's Housecall and Symantec's Scans...combined with the three programs, these scans when used often will keep most things out of your system.

What is really bugging me are the trojan attachments that the stupid Nigerian banking scammers continue to spread all over the place. Just and even deleting their Spam crud seems to attempt to set them off. Truly rotten to the core, should be a crime.

I'm also getting bugged by the constant nagging to install and run Flash by Macromedia on several blogs (Rusty's Jawa Report, for one, among others)...another door to viral/trojan programs, so I don't install/enable Flash but the several websites that I used to visit (blogs) won't stop nagging about the dratted thing. Sites need to knock off Flash forced on visitors, make some optional selection if you WANT to access Flash, not make it a choice to NOT install/run the dratted program.

kenny:

I get roped into that anytime I go home too... it's always "my computer is slow" or "this doesn't work" etc etc. I think I have touched every person's computer where my girl works. Anytime anyone has a problem they call me..

and no, 80 isn't that bad, but I think most of the responders here are a little too eager to help lol. I think he has shown a bit of knowledge in the area so I'm sure he's got a grasp on what to do :)

Another great clean-up tool... (Below threshold)

Another great clean-up tool for tough problems is HijackThis, which lets you go directly into the list of executables linking themselves to IE and start deleting. It shows both good and evil applications, though, so you'll need to identify what's what as you go along.

A month or two ago I ran across a toolbar that used a hijacked background IE task to reinstall itself whenever it was removed. I used Process Explorer to see what was happening and to suspend all instances of IE until I'd gotten everything removed. Grrr.

(And I won't belabor this point, but you may also want to consider recommending Firefox. I'm switching over the family's computers whenever I can.)

I'd also suggest installing... (Below threshold)

I'd also suggest installing Firefox and deleting every icon that points to IE.

And I'm a member of my local Microsoft Architects Council!

Boyd:

SAAM - "And I'm a former member of my local Microsoft Architects Council since Bill Gates took out that contract on my life."

:)

Tom_with_a_dream:

The Jerry Springer comment was priceless...

And Firefox rules!!!

Paul:

Why don't you people just get Macs????

I have over a dozen of them sitting on fixed IP's with no firewall, no nothing... Not a single problem....

Why you people kill yourselves to run a lesser product that costs more, I'll never understand.

P

Jay Tea:

Paul, it's the appeal of having built my own system, to my own specs, and being able to upgrade it piecemeal (critical to my budget) that appeals so much to me...

Plus I worked for a guy who differentiated between "Real computers" (PCs) and "Ataris" (Macs).

But I said earlier: I don't get into PC vs. Mac arguments. I avoid religious arguments.

J.

Steel Turman:

My little brother likes to tell of getting his first code
from Bill Gates on paper tape in 70 or 71.

He had his laptop fumigated awhile back and there
were 94 spywares on it.

Pissed him off so bad he learned to write Unix and
bought a Tadpole.

Just wrote to tell me he is free of windows.

I didn't have the heart to tell him that it's DILIGENCE
that kills the beast.

-S-:

Well, I use a DELL and have only managed to get one, maybe two, spyware-related-problematic-undesirables, in several years...but I also devote a lot of time to my Registry and review all running processes nearly daily and keep things current.

I had a previous PC that was ruined -- harddrive, ruined, would not reformat, load an OS, just ruined -- when I let Norton AntiViral subscription lapse by TWO DAYS before renewal, and the PC got infected with some horrible worm program. Even Microsoft had nothing but gloom to say as to my chances for recovery ("it's among the very worst of the bad ones" the Microsoft technician over the phone told me, and so it was).

Windows is irking me at present, however. Too many 'messenger' related programs, too many services I don't need or want, all of which seem to be necessary for the OS at one time or another (so the OS announces)...I looked into Firefox once a year or so ago, didn't install it, but I might still do so in the next few weeks, after this new harddrive finally arrives (been waiting for it since November...argh...).

But, as to speed and capacity, the DELL I now use is extraordinarily great. I'd never undo the purchase and have my eye on one of their XPSs for next year.

Mark:

I'll tell you right now all of that crap is coming through AOL. My sister uses AOL and no matter what within two weeks of cleaning it is full again.

John S.:

400-1,000 spyware programs is typical in the PCs I see. Unfortunately, if I don't have an Internet connection, I'm unemployed. And it's a war out there. I don't use Internet Explorer, period. I use Firefox for sites that must use a cookie, but 90% of my browsing is on Netscape, set to refuse all cookies. I also run Spybot, a virus checker, a software firewall and my computers sit inside a hardware firewall and only use non-routable IP addresses to talk to each other and the Web. Haven't had any problems lately.

Soooooo..... Sounds like my... (Below threshold)

Soooooo..... Sounds like my darling hubby when he visits my parents with me (yes, AOL poster kids LOL). He works in computer security, so he's *very* aware of these issues.

I'm doing great with my laptop and its security/spyware programs, so all I need to do right now is keep things updated, and run scans regularly.

But for the future, since a lot of the security problems seem to be related to MS, would it be a good thing, perhaps, to install Linux as the OS? If I were to get a new computer, I mean. If I ran IE on the Linux OS (shudder), would I *still* have the security problems?

I ask because Typepad QuickPost is fully supported only in IE or IE clones, and I'm lazy ;). Of course, by the time I buy a new laptop, *that* issue may no longer exist....

Steve L.:

At 1700 pieces, she is an amateur. In schools, I can easily see more than that. There is no one program that is the be-all and end-all for these things. You should almost always use at least two (if not more) programs to really get a good cleaning. I personally use AdAware and Spybot.

Another tip which makes things go faster is to run the scan in Safe Mode. Download, install and update the program, then reboot to safe mode. In Windows 98, you hold the CTRL key when it starts booting and the menu will come up. In ME, 2000, and XP, tap the F8 key repeatedly as it starts to boot. A menu will come up offering you boot options. Select Safe Mode and away you go. In Safe Mode, you don't load a bunch of drivers and the startup portions of the registry are bypassed. As a result, the offending programs are not started and the clean-up programs can work more efficiently and quickly. Scan time in Safe Mode is generally less than 5 minutes on an average machine.

My PC has been crippled for... (Below threshold)

My PC has been crippled for months - it's a family computer used by 6 people with some very odd interests - and we use Kazaa so it was packed full of crap.

I ran Ad Aware last week and discovered we had 1454 items that had to be quarantined - including 2 keystroke-capturers and what they called a possible hijack attempt. It's running much better now.

Joe:

And then you installed Firefox, for which I get affiliate credit from the above link, right?

No, I don't get any money...

That is all.

Joe:

Oh, and one more thing...have her try Linux.

Tom:

One can feel real superior saying run Linux, but that is the person that pays attention to technology, is enthused by it, and really cares.

The majority of the people out there do not care about the OS, hell they typically do not know what the OS is. These are my customers, and for them when "Mary" comes home from college and wants to see pictures of Leonardo DiCaprio in his underwear, inadvertently hits a spyware farm.

People want MS, and they have tried with XP SP2, get rid of spyware.

I recommend ADAWARE and SPYBOT, run those weekly with a good Antivirus program, and the problem usually will be contained.

For the geeks, all you need is HiJack This and you can clean up the computer pretty quickly.

I use Adaware with good suc... (Below threshold)

I use Adaware with good success. Another great and simple preventative measure is DNS Kong. http://accs-net.com/hosts/DNSKong.html

It modifies your hosts file to point most ads and other junk back to your host IP, thus you never even get to those sites. It doesn't help anybody's sitemeter rankings however.
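The hosts-file blocking described in the comment above can be checked from the defender's side. The following is an added example, not part of the original comment and not DNS Kong's own code: it parses hosts-file text and separates sinkholed names (pointed at a loopback or unspecified address) from names mapped to any other address, which deserve a look because a hosts entry overrides the DNS lookup for that name. The sample file, its hostnames and the function names are constructed for illustration.

```python
import ipaddress

# Names a stock hosts file normally maps to loopback (assumed list).
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample input; none of these entries come from a real system.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1   localhost
::1         localhost
127.0.0.1   ads.example.test tracker.example.test   # block-list entries
0.0.0.0     popups.example.test
203.0.113.7 update.example.test
not-an-ip   broken.example.test
"""


def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and trailing comments
        if not line:
            continue
        fields = line.split()
        addr, names = fields[0], fields[1:]
        if not names:
            # An address with no hostname is not a usable mapping.
            yield line_no, addr, None
            continue
        for name in names:  # one line may carry several hostnames
            yield line_no, addr, name.lower()


def classify(addr, name):
    """Return 'local', 'blocked', 'redirect' or 'malformed' for one mapping."""
    if name is None:
        return "malformed"
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "malformed"
    sinkhole = ip.is_loopback or ip.is_unspecified  # 127.x.x.x, ::1, 0.0.0.0, ::
    if sinkhole and name in LOCAL_NAMES:
        return "local"      # ordinary localhost definition
    if sinkhole:
        return "blocked"    # block-list style entry: the name resolves to this machine
    return "redirect"       # name forced to some other address: review it


def audit_hosts(text):
    """Group every mapping in the hosts-file text by classification."""
    report = {"local": [], "blocked": [], "redirect": [], "malformed": []}
    for line_no, addr, name in parse_hosts(text):
        report[classify(addr, name)].append((line_no, addr, name))
    return report


if __name__ == "__main__":
    for kind, entries in audit_hosts(SAMPLE_HOSTS).items():
        print(kind, entries)
```
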

"I had to stop and restart ... (Below threshold)

"I had to stop and restart Ad-Aware every 200 pieces to keep it from freezing up (presumably in horror)."

roflmbo!!! I don't know why anthropomorphic statements like that make me laugh so much.

I have been called for the ... (Below threshold)

I have been called for the same duty quite frequently over the past few weeks.

I got so tired of fixing people's spyware issues, I decided to write a little piece on it in my wiki. Check it out at http://www.jmarler.com/wiki/spyware

I only finished it yesterday, and haven't had a chance to get it proof-read, so it may have some errors/omissions. Any suggestions are welcome.

- Excuse me while I go "cle... (Below threshold)

- Excuse me while I go "clean" my 'puter....Hyaaaaaaaaaiiiiiiii"....

Tim in PA:

Well, Paul, the main reason I don't use a Mac (wonderful as they are, I will grant you that) is that:

(1) I can't build one myself and save money.
(2) Almost no one makes any software I'd actually want to run on one, and those few who do charge me out the ass for it.

Doesn't matter how great it is if I can't do anything with it.
--------------------------

As for spyware..... ARRRRRRGH I hate spyware companies. Especially the bastards who made the TVMedia bullshit that took months to get rid of and required re-installing my media player.

I also think it was d/ling lots more spyware, because after I got ZoneAlarm it noticed that it was trying to connect to the internet, and if I let it I'd suddenly have more spyware. I had a hell of a lot more than 80 nasties on my computer; it started with a pop-up when a buddy gave me a link to something on Ebaumsworld. I went for years without ever having a virus, annoying toolbar, or anything, until that one pop-up.

And most annoyingly, it would create fake warning windows when I started up, telling me I needed to go buy someone's anti-spyware crap. The NERVE of those people. I found who made it, though, so some day I will have my revenge. BWAAAAAAAHAHAHAHAHAHAHA.

I had good luck with ZoneAlarm (helps me find when ET is trying to phone home or call for backup), AdAware, Spybot Search and Destroy, and Norton Antivirus (which finally zapped the nastiest spyware bit, oddly enough).

I also found the Spyware Guide site, http://www.spywareguide.com/term_list.php , helpful in finding out what I had, and who made it (i.e., who needs to be strangled with their own intestines.)

Anonymous:

The record where I work is 3,947 (Ad-Aware SE).

Tom makes a great point when he said, "The majority of the people out there do not care about the OS, hell they typically do not know what the OS is," and some folks discussing it here are demonstrating that (that's not intended to make me sound all high-and-mighty. I'm just stating a fact.). You can argue Mac v Windows or Linux v UNIX or DOS v BEOS, but the real culprits are the a-holes who write the spyware. People pick on Microsoft because, like the USA, they're the big dog, and everyone loves trying to bring down the big dog. They don't pick on Apple or Linux or Firefox because they're the little guy everyone is rooting for.

Me? At home I use XP and FireFox. I like building my own computers and having a shitful of software to run...and when I have a problem, I want an error code, not a damn frowny face.

Firefox for the Web ... and... (Below threshold)

Firefox for the Web ... and its sister program, Thunderbird, for email.

Outlook and Outlook Express are unsafe and they're not very good email clients anyway.

-S-:

I agree with Tim in PA, as to the overrated hype that surrounds MACs for the most part (not everyone, just the offputting condescension that many who use MACs display against other hardware...I used a loaner with the Apple OS and thought it was incredibly, umm, let's see....adjective here...incredibly BLAND)...

Anyway, someone was mentioning the cookie/TIF problem from using IE...you can easily modify the cookie handling in Windows XP, even set it to disallow all cookies and/or some combination of allowing only certain sites' cookies and/or, the approach I like, disallowing cookies from certain sites and almost all advertisers. And, blocking most if not all site advertising, which in combination with Norton's Internet Security Professional keeps ALL AND EVERY POPup suppressed and nearly all (if desirable) advertising suppressed. There's a happy medium to that but as to popups, popunders and animations on sites/Java/Flash, you can suppress all or any combination of those using both Windows XP and Norton, and then combined with the other two programs I mentioned earlier, Spybot S&D and SpywareBlaster, you can prevent all/any unused port access, prevent intrusions of any desired sort, grant access to only those programs that you want to access the internet and understand why/what they are, so, I've managed to never have ANY spyware over the course of several years running now, thanks to those programs all working together. There's no need to resort to the "no Windows" and/or "no IE" point if you just watch what you have on your harddrive and what it's doing and why -- all of which is relatively easy to discern if you just spend a bit of time looking over your system carefully and maintaining active subscriptions to Norton and running preventive measures often enough, something akin to vacuuming your home and doing your laundry, as to scheduling and frequency of time and attention.

Hijack This is great, too, but you also need a combination of these antispyware/sweeper programs because not all of them are set to prevent and remove all the spyware that's encountered, such that, if you combine and use a few of these, you'll capture everything.

AdAware doesn't capture a lot that Spybot S&D does capture. And, Spybot S&D offers tools that also scan your registry and display all running programs and everything that's set for startup so it provides more thorough information than does AdAware alone. Also, AdAware has that freezeup program even when it only encounters one, two spywares.

When I used AdAware only and only Norton's Antivirus, I'd find that there were several spywares (but never any keystroke loggers or trojans, thanks to Norton) and AdAware would frequently display quirks when used (could have been incompatibility with Norton, I realize).

However, since I uninstalled AdAware and installed Norton's Internet Security Professional and Spybot S&D, along with Spyware Blaster (that prevents installation of nearly all bad things), the three programs work very well together and nothing's ever frozen, needs a restart, fails to scan fully and well, or competes with the others.

Hijack This! is great for those who understand how to edit their Registry, and is the most thorough but for novice users, they should share the program's results with a security forum so that they understand what the results mean and how to work through the results without harming their system.

Anyway, I use IE with Windows XP on a DELL with these three key programs -- Spybot S&D, SpywareBlaster and particularly Norton Internet Security Professional (includes AntiVirus) -- and then use them often combined with the online scans if I ever have some suspicions about a problem, just to be sure, and haven't seen a popup, popunder, animated flyby, trojan, spyware and/or virus since. Not to say I don't encounter them -- Norton provides a great log of both intrusion alerts and viruses/trojans blocked -- just that I don't have to deal with them following a stealth install.

FONTS, for the uninitiated, however, are a breeding ground of trojan programs. So, be careful before you ever download any "free font" offers on the internet, as with music files.

Red Five:

-S-, that's all well and good, for the techno folks like us. But unfortunately, most people barely recognize that this stuff even exists, let alone be able to find a program to clean it up and another one to block it. I've cleaned up my fair share of customer spyware and the odd Klez infection (boy have I got stories about that worm), and I've found that what works best for me is to use Ad-Aware and SpyBot together, 1-2 punch style. But again, too many people out there go blithely along, as if the internet is just perfect, until something major happens. Most Average Joe users don't know how to perform preventative maintenance on their PCs; they just want it to work.

I run SpyBot and let it clean up what it can, often leaving a couple things until the next reboot. Then I run Ad-Aware, to the same result. Then reboot, and run SpyBot again, followed by Ad-Aware. That usually gets everything cleaned up. I'll run a virus sweep online, too, but I don't use Norton's security programs other than the AntiVirus, because they tend to worm their way into the OS, and if the subscription expires, things start breaking. Try to remove it, and you're left with a swiss-cheese OS badly in need of reinstall.

Personally, I use Firefox 1.0, Thunderbird 1.0, and Linux-Mandrake 10.1, on my work laptop and my home gaming system. No spyware whatsoever, and it's pretty easy to set up and use, yet still very powerful when I need it. I work in a Windows world, so I use VMware when I need to, or Crossover Wine for IE (our contact management system works best with it :-( ), on my laptop. To play Windows-based games, I use Transgaming Cedega (formerly Wine-X), and so far I've not had any problems. I can play all the latest stuff with it. Maybe one of these days I'll get my wife using Firefox on Windows at least, and maybe transition her to Linux outright. If I can help it, I'm getting Windows out of my house.


All original content copyright © 2003-2010 by Wizbang®, LLC. All rights reserved. Wizbang® is a registered service mark.
